Boot.dev Blog » Security » They Who Control Encryption

They Who Control Encryption

By Lane Wagner on August 12, 2020

Curated backend podcasts, videos and articles. All free.

Want to improve your backend development skills? Subscribe to get a copy of The Boot.dev Beat in your inbox each month. It's a newsletter packed with the best content for new backend devs.

If you’ve seen The Imitation Game or studied computer science in school, you have likely heard of Enigma, Alan Turing, or some of the other advances in cryptography that took place during the Second World War. During this time and until the 1970s, governments from around the world had near-total control of all cryptographic systems. It was nearly impossible to learn about encryption without going through a government agency.

One of the major contributing factors to cryptography becoming a discipline within the public domain was Whitfield Diffie and Martin Hellman’s invention of public-key cryptography in 1976. This new kind of asymmetric cryptography revolutionized cryptography. It also allowed the public to leverage the technology to the people’s advantage for the first time.

The Crypto Wars

An attempt to control the power of encryption

When scientists first invented public-key cryptography, the NSA tried to restrict access to the technology and keep the work classified. The NSA and military were the only entities in the USA with easy access to secure encryption standards. One access to strong encryption was open to the public, the government has used many tactics to keep a stranglehold on encryption.

Classifying Technology as Munitions 🔗

During the cold war, the USA classified encryption technology as munitions. This allowed the State Department to control exports of the technology. In other words, even if Americans made discoveries and advances in technology, they couldn’t necessarily share those discoveries with people of other nations.

Adding Backdoors 🔗

Another explicit attempt to sidestep the public’s right to privacy was the clipper chip, which was an attempt by the Clinton administration to get companies to use a specific hardware device for encryption that the government had back-door access to.

clipper chip

Clipper Chip

Attempts to Secretly Thwart Safeguards 🔗

In 2013 Edward Snowden revealed that the NSA had a secret project called Bullrun. The project was successful in cracking the encryption that safeguarded the majority of global commerce and banking systems at the time. The project was wide and deep, but it employed simple methods such as gaining access to a user’s device before encryption and transmission of a message even took place.

Overtly Passing Anti-Privacy Bills 🔗

In 2014 James Comey, then FBI director called for front-door access to all secure communications via keys given to the government by companies offering encryption products. Luckily this didn’t go through.

james comey fbi agent

James Comey, FBI

Attempts at Banning Bitcoin 🔗

In 2019 American congressman Brad Sherman called for congress to pass legislation that would make Bitcoin and cryptocurrency purchases illegal.

2020’s Coup de Grace - Bill 4050 🔗

In 2020, senate bill 4051 makes an attempt:

To improve the ability of law enforcement agencies to access encrypted data, and for other purposes.

S. 4051

Hopefully, this drivel never makes it through the Senat. It contains anti-privacy legislation such as:

[Upon court order manufacturers and developers must provide assistance] decrypting or decoding information on the electronic device or remotely stored electronic information that is authorized to be searched, or otherwise providing such information in an intelligible format…

link

It’s Never Over 🔗

We thought the crypto wars had ended in 2005, with Part I of the Electronic Communications Act 2000 being removed, and open-source encryption widely available for public use. It is clear however that there are still those that would have the government control and censor all financial transactions and communications online.

Stay safe online, and keep your liberties in mind.

Find a problem with this article?

Report an issue on GitHub